From 12fab6ed9745c7db773ac37e21a11513944e3803 Mon Sep 17 00:00:00 2001 From: marco Date: Thu, 22 Aug 2024 11:26:07 +0200 Subject: [PATCH] lint (gofumpt) --- cmd/crowdsec-cli/capi.go | 8 ++---- cmd/crowdsec/lpmetrics.go | 4 +-- pkg/alertcontext/config.go | 1 - pkg/appsec/appsec.go | 55 ++++++++++++++++++-------------------- pkg/appsec/loader.go | 4 +-- pkg/cwhub/hub.go | 1 + pkg/parser/unix_parser.go | 12 ++++++--- 7 files changed, 41 insertions(+), 44 deletions(-) diff --git a/cmd/crowdsec-cli/capi.go b/cmd/crowdsec-cli/capi.go index 18302688ba1..64bca9f7caf 100644 --- a/cmd/crowdsec-cli/capi.go +++ b/cmd/crowdsec-cli/capi.go @@ -145,7 +145,6 @@ func (cli *cliCapi) newRegisterCmd() *cobra.Command { // QueryCAPIStatus checks if the Local API is reachable, and if the credentials are correct. It then checks if the instance is enrolle in the console. func QueryCAPIStatus(hub *cwhub.Hub, credURL string, login string, password string) (bool, bool, error) { - apiURL, err := url.Parse(credURL) if err != nil { return false, false, fmt.Errorf("parsing api url: %w", err) @@ -165,14 +164,13 @@ func QueryCAPIStatus(hub *cwhub.Hub, credURL string, login string, password stri Scenarios: itemsForAPI, UserAgent: cwversion.UserAgent(), URL: apiURL, - //I don't believe papi is neede to check enrollement - //PapiURL: papiURL, + // I don't believe papi is neede to check enrollement + // PapiURL: papiURL, VersionPrefix: "v3", UpdateScenario: func() ([]string, error) { return itemsForAPI, nil }, }) - if err != nil { return false, false, fmt.Errorf("new client api: %w", err) } @@ -196,7 +194,6 @@ func QueryCAPIStatus(hub *cwhub.Hub, credURL string, login string, password stri return true, true, nil } return true, false, nil - } func (cli *cliCapi) status() error { @@ -217,7 +214,6 @@ func (cli *cliCapi) status() error { log.Infof("Trying to authenticate with username %s on %s", cred.Login, cred.URL) auth, enrolled, err := QueryCAPIStatus(hub, cred.URL, cred.Login, cred.Password) - if err != nil { return fmt.Errorf("CAPI: failed to authenticate to Central API (CAPI): %s", err) } diff --git a/cmd/crowdsec/lpmetrics.go b/cmd/crowdsec/lpmetrics.go index f074910f55c..24842851294 100644 --- a/cmd/crowdsec/lpmetrics.go +++ b/cmd/crowdsec/lpmetrics.go @@ -7,7 +7,6 @@ import ( "time" "github.com/sirupsen/logrus" - "gopkg.in/tomb.v2" "github.com/crowdsecurity/go-cs-lib/ptr" @@ -88,7 +87,8 @@ func newStaticMetrics(consoleOptions []string, datasources []acquisition.DataSou } func NewMetricsProvider(apic *apiclient.ApiClient, interval time.Duration, logger *logrus.Entry, - consoleOptions []string, datasources []acquisition.DataSource, hub *cwhub.Hub) *MetricsProvider { + consoleOptions []string, datasources []acquisition.DataSource, hub *cwhub.Hub, +) *MetricsProvider { return &MetricsProvider{ apic: apic, interval: interval, diff --git a/pkg/alertcontext/config.go b/pkg/alertcontext/config.go index 7348c326379..da05c937b18 100644 --- a/pkg/alertcontext/config.go +++ b/pkg/alertcontext/config.go @@ -98,7 +98,6 @@ func addContextFromFile(toSend map[string][]string, filePath string) error { return nil } - // LoadConsoleContext loads the context from the hub (if provided) and the file console_context_path. func LoadConsoleContext(c *csconfig.Config, hub *cwhub.Hub) error { c.Crowdsec.ContextToSend = make(map[string][]string, 0) diff --git a/pkg/appsec/appsec.go b/pkg/appsec/appsec.go index 54ec748744d..30784b23db0 100644 --- a/pkg/appsec/appsec.go +++ b/pkg/appsec/appsec.go @@ -40,7 +40,6 @@ const ( ) func (h *Hook) Build(hookStage int) error { - ctx := map[string]interface{}{} switch hookStage { case hookOnLoad: @@ -54,7 +53,7 @@ func (h *Hook) Build(hookStage int) error { } opts := exprhelpers.GetExprOptions(ctx) if h.Filter != "" { - program, err := expr.Compile(h.Filter, opts...) //FIXME: opts + program, err := expr.Compile(h.Filter, opts...) // FIXME: opts if err != nil { return fmt.Errorf("unable to compile filter %s : %w", h.Filter, err) } @@ -73,11 +72,11 @@ func (h *Hook) Build(hookStage int) error { type AppsecTempResponse struct { InBandInterrupt bool OutOfBandInterrupt bool - Action string //allow, deny, captcha, log - UserHTTPResponseCode int //The response code to send to the user - BouncerHTTPResponseCode int //The response code to send to the remediation component - SendEvent bool //do we send an internal event on rule match - SendAlert bool //do we send an alert on rule match + Action string // allow, deny, captcha, log + UserHTTPResponseCode int // The response code to send to the user + BouncerHTTPResponseCode int // The response code to send to the remediation component + SendEvent bool // do we send an internal event on rule match + SendAlert bool // do we send an alert on rule match } type AppsecSubEngineOpts struct { @@ -93,7 +92,7 @@ type AppsecRuntimeConfig struct { InBandRules []AppsecCollection DefaultRemediation string - RemediationByTag map[string]string //Also used for ByName, as the name (for modsec rules) is a tag crowdsec-NAME + RemediationByTag map[string]string // Also used for ByName, as the name (for modsec rules) is a tag crowdsec-NAME RemediationById map[int]string CompiledOnLoad []Hook CompiledPreEval []Hook @@ -101,22 +100,22 @@ type AppsecRuntimeConfig struct { CompiledOnMatch []Hook CompiledVariablesTracking []*regexp.Regexp Config *AppsecConfig - //CorazaLogger debuglog.Logger + // CorazaLogger debuglog.Logger - //those are ephemeral, created/destroyed with every req - OutOfBandTx ExtendedTransaction //is it a good idea ? - InBandTx ExtendedTransaction //is it a good idea ? + // those are ephemeral, created/destroyed with every req + OutOfBandTx ExtendedTransaction // is it a good idea ? + InBandTx ExtendedTransaction // is it a good idea ? Response AppsecTempResponse - //should we store matched rules here ? + // should we store matched rules here ? Logger *log.Entry - //Set by on_load to ignore some rules on loading + // Set by on_load to ignore some rules on loading DisabledInBandRuleIds []int - DisabledInBandRulesTags []string //Also used for ByName, as the name (for modsec rules) is a tag crowdsec-NAME + DisabledInBandRulesTags []string // Also used for ByName, as the name (for modsec rules) is a tag crowdsec-NAME DisabledOutOfBandRuleIds []int - DisabledOutOfBandRulesTags []string //Also used for ByName, as the name (for modsec rules) is a tag crowdsec-NAME + DisabledOutOfBandRulesTags []string // Also used for ByName, as the name (for modsec rules) is a tag crowdsec-NAME } type AppsecConfig struct { @@ -125,10 +124,10 @@ type AppsecConfig struct { InBandRules []string `yaml:"inband_rules"` DefaultRemediation string `yaml:"default_remediation"` DefaultPassAction string `yaml:"default_pass_action"` - BouncerBlockedHTTPCode int `yaml:"blocked_http_code"` //returned to the bouncer - BouncerPassedHTTPCode int `yaml:"passed_http_code"` //returned to the bouncer - UserBlockedHTTPCode int `yaml:"user_blocked_http_code"` //returned to the user - UserPassedHTTPCode int `yaml:"user_passed_http_code"` //returned to the user + BouncerBlockedHTTPCode int `yaml:"blocked_http_code"` // returned to the bouncer + BouncerPassedHTTPCode int `yaml:"passed_http_code"` // returned to the bouncer + UserBlockedHTTPCode int `yaml:"user_blocked_http_code"` // returned to the user + UserPassedHTTPCode int `yaml:"user_passed_http_code"` // returned to the user OnLoad []Hook `yaml:"on_load"` PreEval []Hook `yaml:"pre_eval"` @@ -152,7 +151,6 @@ func (w *AppsecRuntimeConfig) ClearResponse() { } func (wc *AppsecConfig) LoadByPath(file string) error { - wc.Logger.Debugf("loading config %s", file) yamlFile, err := os.ReadFile(file) @@ -218,10 +216,10 @@ func (wc *AppsecConfig) Build() (*AppsecRuntimeConfig, error) { wc.DefaultRemediation = BanRemediation } - //set the defaults + // set the defaults switch wc.DefaultRemediation { case BanRemediation, CaptchaRemediation, AllowRemediation: - //those are the officially supported remediation(s) + // those are the officially supported remediation(s) default: wc.Logger.Warningf("default '%s' remediation of %s is none of [%s,%s,%s] ensure bouncer compatbility!", wc.DefaultRemediation, wc.Name, BanRemediation, CaptchaRemediation, AllowRemediation) } @@ -231,7 +229,7 @@ func (wc *AppsecConfig) Build() (*AppsecRuntimeConfig, error) { ret.DefaultRemediation = wc.DefaultRemediation wc.Logger.Tracef("Loading config %+v", wc) - //load rules + // load rules for _, rule := range wc.OutOfBandRules { wc.Logger.Infof("loading outofband rule %s", rule) collections, err := LoadCollection(rule, wc.Logger.WithField("component", "appsec_collection_loader")) @@ -253,7 +251,7 @@ func (wc *AppsecConfig) Build() (*AppsecRuntimeConfig, error) { wc.Logger.Infof("Loaded %d inband rules", len(ret.InBandRules)) - //load hooks + // load hooks for _, hook := range wc.OnLoad { if hook.OnSuccess != "" && hook.OnSuccess != "continue" && hook.OnSuccess != "break" { return nil, fmt.Errorf("invalid 'on_success' for on_load hook : %s", hook.OnSuccess) @@ -298,7 +296,7 @@ func (wc *AppsecConfig) Build() (*AppsecRuntimeConfig, error) { ret.CompiledOnMatch = append(ret.CompiledOnMatch, hook) } - //variable tracking + // variable tracking for _, variable := range wc.VariablesTracking { compiledVariableRule, err := regexp.Compile(variable) if err != nil { @@ -454,7 +452,6 @@ func (w *AppsecRuntimeConfig) ProcessPostEvalRules(request *ParsedRequest) error // here means there is no filter or the filter matched for _, applyExpr := range rule.ApplyExpr { o, err := exprhelpers.Run(applyExpr, GetPostEvalEnv(w, request), w.Logger, w.Logger.Level >= log.DebugLevel) - if err != nil { w.Logger.Errorf("unable to apply appsec post_eval expr: %s", err) continue @@ -598,7 +595,7 @@ func (w *AppsecRuntimeConfig) SetActionByName(name string, action string) error } func (w *AppsecRuntimeConfig) SetAction(action string) error { - //log.Infof("setting to %s", action) + // log.Infof("setting to %s", action) w.Logger.Debugf("setting action to %s", action) w.Response.Action = action return nil @@ -622,7 +619,7 @@ func (w *AppsecRuntimeConfig) GenerateResponse(response AppsecTempResponse, logg if response.Action == AllowRemediation { resp.HTTPStatus = w.Config.UserPassedHTTPCode bouncerStatusCode = w.Config.BouncerPassedHTTPCode - } else { //ban, captcha and anything else + } else { // ban, captcha and anything else resp.HTTPStatus = response.UserHTTPResponseCode if resp.HTTPStatus == 0 { resp.HTTPStatus = w.Config.UserBlockedHTTPCode diff --git a/pkg/appsec/loader.go b/pkg/appsec/loader.go index 1c897f9dd20..9a3bfb6b668 100644 --- a/pkg/appsec/loader.go +++ b/pkg/appsec/loader.go @@ -9,9 +9,9 @@ import ( "github.com/crowdsecurity/crowdsec/pkg/cwhub" ) -var appsecRules = make(map[string]AppsecCollectionConfig) //FIXME: would probably be better to have a struct for this +var appsecRules = make(map[string]AppsecCollectionConfig) // FIXME: would probably be better to have a struct for this -var hub *cwhub.Hub //FIXME: this is a temporary hack to make the hub available in the package +var hub *cwhub.Hub // FIXME: this is a temporary hack to make the hub available in the package func LoadAppsecRules(hubInstance *cwhub.Hub) error { hub = hubInstance diff --git a/pkg/cwhub/hub.go b/pkg/cwhub/hub.go index 472fd41b309..a4e81e2c3e2 100644 --- a/pkg/cwhub/hub.go +++ b/pkg/cwhub/hub.go @@ -13,6 +13,7 @@ import ( "github.com/sirupsen/logrus" "github.com/crowdsecurity/go-cs-lib/maptools" + "github.com/crowdsecurity/crowdsec/pkg/csconfig" ) diff --git a/pkg/parser/unix_parser.go b/pkg/parser/unix_parser.go index 9d98fbcf29a..351de8ade56 100644 --- a/pkg/parser/unix_parser.go +++ b/pkg/parser/unix_parser.go @@ -100,13 +100,17 @@ func LoadParsers(cConfig *csconfig.Config, parsers *Parsers) (*Parsers, error) { patternsDir := cConfig.ConfigPaths.PatternDir log.Infof("Loading grok library %s", patternsDir) /* load base regexps for two grok parsers */ - parsers.Ctx, err = Init(map[string]interface{}{"patterns": patternsDir, - "data": cConfig.ConfigPaths.DataDir}) + parsers.Ctx, err = Init(map[string]interface{}{ + "patterns": patternsDir, + "data": cConfig.ConfigPaths.DataDir, + }) if err != nil { return parsers, fmt.Errorf("failed to load parser patterns : %v", err) } - parsers.Povfwctx, err = Init(map[string]interface{}{"patterns": patternsDir, - "data": cConfig.ConfigPaths.DataDir}) + parsers.Povfwctx, err = Init(map[string]interface{}{ + "patterns": patternsDir, + "data": cConfig.ConfigPaths.DataDir, + }) if err != nil { return parsers, fmt.Errorf("failed to load postovflw parser patterns : %v", err) }